June 2, 2022
When you think of someone leaving their job, it’s likely the first image that comes to mind is an outdated one. You may picture a disgruntled employee hastily packing the contents of their office into a cardboard box. They start with the sentimental items, carefully placing the family photo, employee of the month plaque, and the gifted paperweight at the bottom of the box before unceremoniously dumping the remaining pens, papers, and sticky notes on top. Lastly, they pick up the potted plant and balance it on their hip, taking one last look at the now lifeless space they occupied every weekday for the last 10 years before turning their back and leaving for good.
But in the digital age, there’s so much more to clean up than a physical office. Even once the keys to the building are turned in, there may be multiple ‘doors’ through which an ex-employee can still enter and access private company data and critical company resources. With so much of a company’s data now living online, it’s the digital cleanup that matters most.
Between 2018 and 2020 the number of insider-related cybersecurity incidents increased by 47%, costing companies an average of nearly $12 million over the course of just 12 months. Even with these staggering statistics, insider threats are too often overlooked. It’s important to note that most of these incidents aren’t malicious attacks; they’re simply due to negligence — companies get sloppy with where login credentials and company data are stored and who has access. What it comes down to is this: If you’re not taking steps to protect your data when an employee leaves, you’re putting your company at substantial risk for long-term damage, both in terms of finances and reputation.
Even if you trust your team completely, keeping old user accounts accessible or failing to revoke system access from a terminated employee makes it easier for your account information to fall into the wrong hands. It’s also easy for people to make mistakes — unintentionally putting your data at risk by failing to protect their passwords or continuing to use a work email account for personal purposes out of habit.
When an employee leaves, there are several steps you must take immediately as an employer to ensure your network and sensitive company data remain secure.
Revoke system access ASAP
As soon as an employee is officially terminated, your IT team should revoke their system access. This can be done either manually or with software that automates the task. It may involve changing account passwords or deleting accounts that are no longer necessary. These accounts may include their work email account, social media accounts, CRM software, and communication tools like Discord or Slack.
For email accounts, you may need to take a few extra steps to ensure company data (such as documents, important email threads, or contacts) doesn’t get lost. Depending on the role of the employee, it often makes sense to forward their email address to another active employee’s account to ensure messages don’t get missed.
To ensure access is revoked to all company accounts, password management systems like Passportal can automatically change passwords and/or remove access. For example, for social media accounts you may just need to remove the departing employee as an Admin or Editor on the account without needing to change the password. Any passwords that do need to be changed will automatically update across employee Passportal accounts so that remaining employees still have access.
Limit access in the first place
During the onboarding process, it’s important to identify which accounts each role needs access to and at what level. There’s no need to give everyone Admin-level access to your social media accounts or CRM system. Managing access and permissions up front can save you from innocent but costly human errors or malicious acts of sabotage from disgruntled employees.
Delete inactive user accounts
Depending on the size of your company, it may be necessary for your IT team to comb through your network quarterly to identify and remove inactive accounts. Insiders (or outsiders) can use these inactive accounts to gain access to your network.
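The two checks described so far (access not yet revoked for a terminated employee, and accounts that have gone inactive) can be run over an account export. The following is an added example, not part of the original post: the CSV columns, the sample rows, the terminated-employee set and the 90-day threshold (standing in for a quarterly review) are all constructed assumptions.

```python
import csv
import io
from datetime import date, datetime

# Constructed sample export: one row per account across company systems.
ACCOUNTS_CSV = """system,username,owner,enabled,last_login
email,jdoe,jdoe,true,2022-05-30
crm,jdoe,jdoe,true,2022-05-28
slack,asmith,asmith,true,2022-05-31
crm,asmith,asmith,false,2022-01-10
email,intern01,intern01,true,2021-11-02
social,shared-marketing,,true,
"""

# Constructed HR roster: employees whose termination is already effective.
TERMINATED = {"asmith"}

def audit_accounts(accounts_csv, terminated, today, max_idle_days=90):
    """Return (system, username, reason) findings for accounts still enabled."""
    findings = []
    for row in csv.DictReader(io.StringIO(accounts_csv)):
        if row["enabled"].strip().lower() != "true":
            continue  # already disabled, nothing left to revoke
        key = (row["system"], row["username"])
        if row["owner"] in terminated:
            findings.append((*key, "owner terminated, access not revoked"))
            continue
        if not row["owner"]:
            # Shared logins with no named owner are easy to miss at offboarding.
            findings.append((*key, "no named owner"))
        last = row["last_login"].strip()
        if not last:
            findings.append((*key, "no recorded login"))
        else:
            idle = (today - datetime.strptime(last, "%Y-%m-%d").date()).days
            if idle > max_idle_days:
                findings.append((*key, f"inactive for {idle} days"))
    return findings

if __name__ == "__main__":
    for system, user, reason in audit_accounts(ACCOUNTS_CSV, TERMINATED, date(2022, 6, 2)):
        print(f"{system:8} {user:18} {reason}")
```

Each finding is a candidate for disabling or reassignment, not an automatic deletion; shared accounts in particular need an owner named before credentials are rotated.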
Store and manage your login credentials all in one place
When you have login credentials stored in multiple spreadsheets or documents, it becomes nearly impossible to track who has access to what account. Keeping track of login credentials in one unified system like Passportal will streamline both the onboarding and offboarding process, minimizing opportunities for a data breach and allowing you to easily see who has access to what accounts.
Keep track of company devices
If you have any employees working remotely, having a BYOD (bring your own device) policy in place is a critical component of your cybersecurity strategy. This policy should include registering and authorizing each device and installing mobile device management software. This software gives your IT team access to the device, allowing them to immediately revoke access to the company network should the device be lost, stolen, or not returned after an employee is terminated.
Related reading: How to Create a BYOD Policy for the Hybrid Workplace
Treat all employees with respect
While most insider threats are due to human error, not criminal intent, 23% of insider incidents are malicious. This fact means that establishing a relationship with each and every employee, founded on trust and respect, is critical to your cybersecurity. Keeping an open channel of communication between employees and their superiors and giving them a safe space to air grievances and share concerns should be a number one priority. Ensuring all team members feel valued and respected can go a long way in preventing an employee from exposing sensitive data or using their access to misuse a company credit card or bank account.
Remind exiting employees of their employee agreement
Especially if you’ve established a trusted relationship between yourself and your employees, reviewing the employee agreement together upon dismissal can also help prevent a data breach. If possible, it’s helpful to review the agreement and the offboarding process at least a few days before the employee’s last day on the job. This gives them time to archive any personal messages or documents potentially stored in a work account. It also reminds them what information they legally can take with them (such as contacts, work projects, creative assets, etc.) and what remains the sole property of the company.
It’s helpful to have an offboarding checklist in place that you can run through with the employee, and another with tasks just for your IT team. This ensures all network entry points are closed and no company data is lost or leaked (either purposefully or inadvertently) in the transition.
Have further questions about keeping your data safe when an employee leaves the company? We’re here to help. Get in touch and schedule your free consultation today.
Want IT to serve you better?
Based in Santa Cruz, California, Pagoda Technologies provides trusted IT support to businesses and IT departments throughout Silicon Valley, the San Francisco Bay Area and across the globe. To learn how Pagoda Technologies can help your business, email us at firstname.lastname@example.org to schedule a complimentary IT consultation.